After logging in, I save in $_SESSION['user']
the username and redirect to /dashboard/index.php
. Then I click on a link in my menu to redirect me, for example to the url /dashboard/kanboard/index.php
where the session variable that I mentioned before is still there and does the necessary checks correctly. The problem is that if I click F5 or any other link from this page, when trying to check if the session variable exists, it doesn't find it and returns me to login. All this behavior is quite strange since if I refresh directly in the first index ( /dashboard/index.php
) as many times as necessary, the variable is correctly preserved.
First of all, and before the quality and cleanliness of the code is criticized, I have to say that everything it shows is test code.
This problem arose when migrating the project from a docker container with Debian, Apache, and PHP 7.3.1 to a Vagrant machine with Centos 7, Apache, and PHP 7.3.3, so the main problem may not be in the code itself. in the Apache or PHP configuration. Also, before all the project folders were in /www/html and now they are in /www/html/dashboard, which I don't know if it has anything to do with it either.
Anyway, I leave part of the code of both pages in case it is a problem, if not, what could I be missing in the server or PHP configuration?
dashboard/index.php
<?php
$path = $_SERVER['DOCUMENT_ROOT'];
$titulo = "Index";
include $path.'/dashboard/includes/userData.php';
?>
<!DOCTYPE html>
<html lang="es">
<head>
<?php
include $path.'/dashboard/includes/header.php';
?>
</head>
<body class="nav-md">
<div class="container body">
<div class="main_container">
<!-- sidebar menu -->
<?php
include $path.'/dashboard/includes/menu.php';
include $path.'/dashboard/includes/top-bar.php';
?>
<!-- page content -->
<div class="right_col" role="main">
</div>
<!-- /page content -->
<?php
include $path.'/dashboard/includes/footer.php';
?>
<script src="./js/index.js"></script>
<script>
$(document).ready(function() {
var index = new Index(JSON.parse('<?php echo getJSONUser()?>'));
});
</script>
</body>
</html>
dashboard/kanboard/index.php
<?php
$path = $_SERVER['DOCUMENT_ROOT'];
$migas = "../";
$titulo = "Resumen Imputaciones";
include $path . '/dashboard/includes/userData.php';
?>
<!DOCTYPE html>
<html lang="es">
<head>
<?php
include $path . '/dashboard/includes/header.php';
?>
<!-- MONGO Chart-->
<script src="/dashboard/vendors/Chart.js/dist/Chart.min.js"></script>
</head>
<body class="nav-md">
<!-- MODAL INFORMACION DETALLADA -->
<div class="modal" tabindex="-1" role="dialog" id="modalinfo">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h3 class="modal-title" id="mtitulo"></h3>
<button type="button" class="close" data-dismiss="modal" aria-label="Close" style="float: right;">
<span aria-hidden="true">×</span>
</button>
</div>
<div class="modal-body" id="mbody">
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cerrar</button>
</div>
</div>
</div>
</div>
<!-- FIN MODAL INFORMACION DETALLADA -->
<div class="container body">
<div class="main_container">
<!-- sidebar menu -->
<?php
include $path . '/dashboard/includes/menu.php';
include $path . '/dashboard/includes/top-bar.php';
?>
<!-- page content -->
<div class="right_col" role="main">
<div class="">
<div class="clearfix"></div>
<div class="row">
<div class="col-sm-12">
<div class="x_panel form-panel">
<div class="x_title">
<h2>Resumen Imputaciones</h2>
<div class="clearfix"></div>
</div>
<div class="x_content">
<?php
if (isAdministrator()) {
?>
<div id="tableImputaciones-loader" class="div-loader">
<i class="fa fa-spinner fa-pulse spinner"></i>
</div>
<div class="row" id="imputaciones">
<div id="tablaImputacionesContainer"
class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
<table id="tableImputaciones" class="table table-striped table-bordered"
style="width:100%">
<thead id="tableImputacionesHead">
</thead>
<tbody id="tableImputacionesBody">
</tbody>
</table>
</div>
<div class="col-lg-1 col-md-1 col-sm-1 col-xs-1 more-results">
<button type="button" title="Mostrar más"
class="btn btn-lg button-more-results" data-total-paginas="1"
data-tabla-ref="tableImputaciones"><i class="fa fa-angle-right"
aria-hidden="true"></i>
</button>
</div>
<input type="hidden" id="last-index"/>
</div>
<?php
}
?>
</div>
</div>
</div>
</div>
<div class="clearfix"></div>
</div>
</div>
<?php
include $path . '/dashboard/includes/modals/showUrl.php';
include $path . '/dashboard/includes/footer.php';
?>
<!-- ECharts -->
<script type="text/javascript" src="/dashboard/vendors/echarts/dist/echarts.js"></script>
<script type="text/javascript" src="/dashboard/kanboard/js/utils.js"></script>
<script type="text/javascript" src="/dashboard/kanboard/js/index.js"></script>
<script>
$(document).ready(function () {
var index = new Index('<?php echo getUserName()?>');
});
</script>
</body>
</html>
Method that checks if the user is logged in
function userIsAuth()
{
// Si no hay una sesión iniciada, lo hacemos
if (! isset($_SESSION)) {
session_start();
}
// If existe la variable de sesión "user" entonces es que un usuario ha iniciado sesión
if (isset($_SESSION['user'])) {
return true;
} else {
return false;
}
}
Edit: The userIsAuth function call is included in /dashboard/includes/userData.php which is included in all docs. This function calls session_start();
Edit 2: I add an image of the session configuration that phpinfo outputs
Edit 3: I have made some changes in php.ini
it to try to match it as much as possible to the original environment where the project is (except for certain differences due to the type of environment and the OS itself). In addition, I have now added in the first line of each page the session_start()
and removed said instruction from userData
. With this, it has stopped loading any variable $_SESSION
previously saved and also 2 new warnings have been displayed.
Also, I've tried changing the a php.ini
property session.auto_start
and removing all the but all this led me to different errors with the API that I'm using to retrieve certain data (the api uses Slim Framework and also loads a ).Off
On
session_start
session_start
Edit 4: I have managed to stop the warnings from appearing by touching the value of output_buffering
del php.ini
, it was at 0 and now I have set it to 4096 (it seems to be the recommended value). Now I find that the values that I save inside $_SESSION
when logging are not there. Curiously, if right after session_start();
I put var_dump($_SESSION)
these values, they do appear and the errors stop appearing.
Interestingly, I have discovered another behavior. After logging, the behavior that I have described in Edit 4 may appear or you can drop the first error shown in Edit 3 and display the data $_SESSION
correctly.
After many days of seeing why this whole issue could be failing, in the end it has been solved by putting relative paths in the menu.
In the examples that I exposed, one of the includes was the following:
Which had the following piece of code
If I replace it with the following:
The session is maintained correctly.